Fat32 file output redirect overwrites self. =========================== odd behavior... >?
1.) console application output redirected to itself ( file.ext > file.ext ) C:\test>program.exe >program.exe program.exe The process cannot access the file because it is being used by another process. ok great, normal error ( i thought ) by seeing this error, one might think "phew, i just saved myself from overwriting that file" but 2.) try running original program C:\test>program.exe [popup] C:\test\program is not a valid Win32 application. [/popup] Access is denied. uh-o 3.) directory listing C:\test>dir Volume in drive C has no label. Volume Serial Number is 1F2E-1405 Directory of C:\test 02/16/2003 03:00 AM <DIR> . 02/16/2003 03:00 AM <DIR> .. 02/16/2003 03:31 AM 0 program.exe 9 File(s) 0 bytes 2 Dir(s) 435,847,168 bytes free i do not know if this is proper behavior. but it would appear that you SHOULD be safe due to windows file locking, and the saftey is further bolstered by nice warning. but alas... "Access Denied! " so by observance we can deduce the following: a. windows reads the originating program into memory ( fully(?) b. the file output redirection ( > ) causes a write to file to the redirection call back upon itself, and thus begins overwriting the original file. c. windows detects the file access and determines that this action is illegal and halts the operation and warns the user. note: not tested under other disc formats. Donnie Werner http://exploitlabs.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html